<div class="editor-default-node4-header-medium" data-template="t_4_3">
	<img src="https://urc-thumb.oss-cn-beijing.aliyuncs.com/resource-temp/1725514076938section-ico4.png">1.3.1
	客户端认证策略配置文件
</div>
<p style="text-align:justify;">
	&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;“pg_hba.conf”主要用于管理客户端认证策略，可以通过调用gs_guc工具来设置合适的参数，同时发送信号量到数据库进程。配置“pg_hba.conf”文件的语法为：
</p>
<p><span class="font_blue2">gs_guc
		[ set | reload ] [-N NODE-NAME] [-I INSTANCE-NAME | -D DATADIR] -h
		"HOSTTYPE DATABASE USERNAME IPADDR AUTHMEHOD"</span></p>
<p style="text-align:justify;">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;其中各个参数的意义如表1-3-1所示。</p>
<p style="margin-top:0pt; margin-bottom:0pt; text-align:center">表1-3-1 gs_guc工具配置“pg_hba.conf”文件的语法</p>
<table border="0" width="100%" cellpadding="0" cellspacing="0" class="insertTable" style="text-align:justify;">
	<thead>
		<tr>
			<td
				style="width: 81.1pt; border-right-width: 0.75pt; border-bottom-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(91, 155, 213);">
				<p
					style="margin-top: 0pt; margin-bottom: 0pt; text-indent: 22.1pt; text-align: center; font-size: 11pt;">
					<span style="font-family:微软雅黑; color:#ffffff">参数</span></p>
			</td>
			<td
				style="width: 102.6pt; border-right-width: 0.75pt; border-left-width: 0.75pt; border-bottom-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(91, 155, 213);">
				<p
					style="margin-top: 0pt; margin-bottom: 0pt; text-indent: 22.1pt; text-align: center; font-size: 11pt;">
					<span style="font-family:微软雅黑; color:#ffffff">意义</span></p>
			</td>
			<td
				style="width: 230.2pt; border-left-width: 0.75pt; border-bottom-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(91, 155, 213);">
				<p style="margin-top: 0pt; margin-bottom: 0pt; text-align: center; font-size: 11pt;"><span
						style="font-family:微软雅黑; color:#ffffff">备注</span></p>
			</td>
		</tr>
	</thead>
	<tbody>
		<tr>
			<td
				style="width: 81.1pt; border-top-width: 0.75pt; border-right-width: 0.75pt; border-bottom-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">set</p>
			</td>
			<td
				style="width: 102.6pt; border-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">表示只修改配置文件中的参数，不会立即生效。
				</p>
			</td>
			<td
				style="width: 230.2pt; border-top-width: 0.75pt; border-left-width: 0.75pt; border-bottom-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; vertical-align: top; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:9pt">&nbsp;</p>
			</td>
		</tr>
		<tr>
			<td
				style="width: 81.1pt; border-top-width: 0.75pt; border-right-width: 0.75pt; border-bottom-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">reload</p>
			</td>
			<td
				style="width: 102.6pt; border-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">
					表示修改配置文件中的参数，同时发送信号给数据库进程，使其重新加载配置文件生效。</p>
			</td>
			<td
				style="width: 230.2pt; border-top-width: 0.75pt; border-left-width: 0.75pt; border-bottom-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; vertical-align: top; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; font-size:9pt">&nbsp;</p>
			</td>
		</tr>
		<tr>
			<td
				style="width: 81.1pt; border-top-width: 0.75pt; border-right-width: 0.75pt; border-bottom-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">-N</p>
			</td>
			<td
				style="width: 102.6pt; border-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">需要设置的主机名称。</p>
			</td>
			<td
				style="width: 230.2pt; border-top-width: 0.75pt; border-left-width: 0.75pt; border-bottom-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">
					取值范围可以为已有主机名称。当参数取值为all时，表示设置openGauss中所有的主机。</p>
			</td>
		</tr>
		<tr>
			<td
				style="width: 81.1pt; border-top-width: 0.75pt; border-right-width: 0.75pt; border-bottom-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">-I INSTANCE-NAME</p>
			</td>
			<td
				style="width: 102.6pt; border-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">需要设置的实例名称。</p>
			</td>
			<td
				style="width: 230.2pt; border-top-width: 0.75pt; border-left-width: 0.75pt; border-bottom-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">
					取值范围可以为已有实例名称。当参数取值为all时，表示设置主机中所有的实例。</p>
			</td>
		</tr>
		<tr>
			<td
				style="width: 81.1pt; border-top-width: 0.75pt; border-right-width: 0.75pt; border-bottom-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">-D DATADIR</p>
			</td>
			<td
				style="width: 102.6pt; border-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">需要执行命令的openGauss实例目录。
				</p>
			</td>
			<td
				style="width: 230.2pt; border-top-width: 0.75pt; border-left-width: 0.75pt; border-bottom-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">与“-I”不能同时使用</p>
			</td>
		</tr>
		<tr>
			<td
				style="width: 81.1pt; border-top-width: 0.75pt; border-right-width: 0.75pt; border-bottom-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">-h host-auth-policy</p>
			</td>
			<td
				style="width: 102.6pt; border-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">
					指定需要在“pg_hba.conf”增加的客户端认证策略。</p>
			</td>
			<td
				style="width: 230.2pt; border-top-width: 0.75pt; border-left-width: 0.75pt; border-bottom-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; vertical-align: top; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">&nbsp;</p>
			</td>
		</tr>
		<tr>
			<td
				style="width: 81.1pt; border-top-width: 0.75pt; border-right-width: 0.75pt; border-bottom-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">HOSTTYPE</p>
			</td>
			<td
				style="width: 102.6pt; border-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">指定客户端主机类型</p>
			</td>
			<td
				style="width: 230.2pt; border-top-width: 0.75pt; border-left-width: 0.75pt; border-bottom-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">HOSTTYPE是必选参数，支持以下选项：
				</p>
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">
					“local”：Unix域套接字<br>“host”：普通或SSL加密的TCP / IP套接字<br>“hostssl”：SSL加密的TCP / IP套接字<br>“hostnossl”：纯TCP /
					IP套接字</p>
			</td>
		</tr>
		<tr>
			<td
				style="width: 81.1pt; border-top-width: 0.75pt; border-right-width: 0.75pt; border-bottom-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">DATABASE</p>
			</td>
			<td
				style="width: 102.6pt; border-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">指定客户端能访问的数据库名称</p>
			</td>
			<td
				style="width: 230.2pt; border-top-width: 0.75pt; border-left-width: 0.75pt; border-bottom-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">
					多个数据库以逗号分隔。当参数取值为all时，表示对主机中所有的数据库生效。</p>
			</td>
		</tr>
		<tr>
			<td
				style="width: 81.1pt; border-top-width: 0.75pt; border-right-width: 0.75pt; border-bottom-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">USERNAME</p>
			</td>
			<td
				style="width: 102.6pt; border-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">指定客户端的用户名称</p>
			</td>
			<td
				style="width: 230.2pt; border-top-width: 0.75pt; border-left-width: 0.75pt; border-bottom-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">
					多个用户以逗号分隔。当参数取值为all时，表示对所有用户生效。</p>
			</td>
		</tr>
		<tr>
			<td
				style="width: 81.1pt; border-top-width: 0.75pt; border-right-width: 0.75pt; border-bottom-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">IPADDR</p>
			</td>
			<td
				style="width: 102.6pt; border-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">指定客户端的IP地址或主机名称</p>
			</td>
			<td
				style="width: 230.2pt; border-top-width: 0.75pt; border-left-width: 0.75pt; border-bottom-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">
					指定地址，当参数取值为0.0.0.0/0就是任意地址，127.0.0.1/32，::1/128都是本地</p>
			</td>
		</tr>
		<tr>
			<td
				style="width: 81.1pt; border-top-width: 0.75pt; border-right-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">AUTHMEHOD</p>
			</td>
			<td
				style="width: 102.6pt; border-top-width: 0.75pt; border-right-width: 0.75pt; border-left-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">指定客户端的认证方式</p>
			</td>
			<td
				style="width: 230.2pt; border-top-width: 0.75pt; border-left-width: 0.75pt; padding-right: 5.03pt; padding-left: 5.03pt; background-color: rgb(221, 235, 247);">
				<p style="margin-top:0pt; margin-bottom:0pt; text-align:justify; font-size:10pt">
					可选，支持以下选项：<br>trust：不验证密码，禁止远程主机使用trust方式访问openGauss<br>reject：拒绝访问<br>md5、sha256、cert：客户端证书认证<br>gss：kerberos认证
				</p>
			</td>
		</tr>
	</tbody>
</table>
<p style="margin-top:0pt; margin-bottom:0pt; text-align:center">&nbsp;<br></p>